Skip to content

Automate sync-files workflow to prevent changes to synced files #327

New issue
New issue
Open
Open
Automate sync-files workflow to prevent changes to synced files#327
Labels
help wantedExtra attention is neededstatus:stale
@xmfcx

Description

@xmfcx
xmfcx
opened on Nov 29, 2024

Checklist

  • I've read the contribution guidelines.
  • I've searched other issues and no duplicate issues were found.
  • I've agreed with the maintainers that I can plan this task.

Description

Enhance the sync-files workflow to automatically generate a GitHub Actions workflow that prevents modification of synced files in the target repository. This will ensure consistency and integrity by disallowing changes to files synced from the source repository (repo A) in the target repository (repo B).

The newly generated workflow will utilize the Ensure Files Changed GitHub Action to fail checks if modifications are detected in the list of synced files. The sync-files job will dynamically update the list of synced files in this workflow every time it runs.

Purpose

The purpose of this feature is to automate the enforcement of file integrity in the target repository. By preventing changes to synced files, we maintain alignment between the source and target repositories without manual intervention. This approach ensures:

  • Synced files remain unchanged unless updated by the sync-files job.
  • The integrity of the sync process is preserved.
  • Unintentional or unauthorized modifications to synced files are prevented without bypassing the required status checks.

Possible approaches

  1. Generate Workflow Automatically:

    • When the sync-files job completes, it generates or updates a workflow YAML file in the target repository.
    • This workflow uses the Ensure Files Changed action to validate that no synced files have been modified.

  2. Dynamic List Management:

    • The sync-files job dynamically updates the list of synced files in the generated workflow file.

  3. Enforce Workflow Runs:

    • Configure the rulesets to ensure the generated workflow must pass before changes can be merged.

Definition of done

  • Implement logic in the sync-files job to generate or update a GitHub Actions workflow file in the target repository.
  • Include the Ensure Files Changed action in the generated workflow to validate file integrity.
  • Ensure the generated workflow is automatically updated with the latest list of synced files whenever the sync-files job runs.
  • Validate the workflow is triggered during pull requests to prevent modifications to synced files.
  • Test and confirm that attempts to modify synced files result in failed status checks unless bypassed.

ChatGPT link

cc. @mitsudome-r

Metadata

Metadata

Assignees

No one assigned

    Labels

    help wantedExtra attention is neededstatus:stale

    Type

    No type

    Projects

    Software Working Group

    Status

    Backlog

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions